program:
# syzkaller reproducer (syz program format), one call per line. The console log
# after it ends in a WARNING in gid_table_release_one ("GID entry ref leak for
# dev syz1 index 2 ref=1"), with nldev_dellink -> kobject_put -> device_release
# -> ib_device_release on the stack of task syz.0.0. The kernel has
# panic_on_warn set, so the WARNING is escalated to a panic.
# NOTE(review): the trace shows UID 0, and the capability-check frames are '?'
# (unreliable) entries. This page does not establish whether an unprivileged
# caller can reach the path.
# NOTE(review): several calls below (nl80211, tty, USB, overlay mounts) have no
# visible link to the RDMA path and may be fuzzer noise; confirm by minimizing.

# nl80211 family-id lookup on fd -1; the result is not used.
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
# IPv6 UDP-Lite socket; matches the "UDPLite6: ... deprecated" log line.
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
# Interface-index query for 'wlan0' on that socket.
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
# Resource 0xe with soft limit 0x8, then scheduling policy 0x1 at priority 0x7
# for the calling task (pid 0). Presumably RLIMIT_RTPRIO and SCHED_FIFO - confirm.
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
# Both calls are issued on fd -1.
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
# Opens ttyS3 and issues ioctl 0x5412 (TIOCSTI) twice, with bytes 0x13 and 0x3.
r1 = openat$ttyS3(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x13)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000300)=0x3)
# Generic netlink socket; the result is not used.
socket$nl_generic(0x10, 0x3, 0x10)
# RDMA netlink socket used for the NEWLINK request.
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
# NEWLINK: the raw blob carries the strings "syz1", "rxe" and "syz_tun". The log
# confirms the result: "infiniband syz1: set active" / "added syz_tun".
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="380000000314230c2abd70000705df250900020073797a310000000008004100727865001400330073797a5f74756e"], 0x38}, 0x1, 0x0, 0x0, 0x8845}, 0x4000)
# Emulated USB HID device, vendor 0x1e7d / product 0x2d50; matches the
# dummy_hcd "usb 5-1" enumeration lines in the log.
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000640)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x2d50, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x70, 0x1}}]}}, 0x0)
# Opens the rdma_cm device; the path string at 0x7f0000000700 is not shown.
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
# Creates a CM id.
# NOTE(review): r4 is used below but never assigned in this text. Presumably a
# "<r4=>" result marker on the {0xffffffffffffffff} output field was lost when
# the page was extracted - confirm against the original reproducer.
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100)={0xffffffffffffffff}, 0x111, 0xa}}, 0x20)
# Binds CM id r4 to an IPv6 address (@local, port 0x4e25).
# NOTE(review): this bind may be what takes the GID entry reference the WARNING
# reports as leaked; the log does not show where the reference was taken.
write$RDMA_USER_CM_CMD_BIND_IP(r3, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e25, 0x0, @local, 0xb}, r4}}, 0x30)
# Second RDMA netlink socket, used for the DELLINK request.
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
# DELLINK with a DEV_INDEX attribute whose value is elided (syz default). This is
# the request on the crashing stack: the trace runs through sendmsg and
# nldev_dellink, and the log shows "smc: removing ib device syz1" just before.
sendmsg$RDMA_NLDEV_CMD_DELLINK(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
# RESOLVE_IP on the same CM id r4.
# NOTE(review): the log does not show whether this call or anything after it
# ran before the panic.
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000000)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0xf01, @mcast2, 0x5}, {0xa, 0x4e24, 0x20, @remote, 0x41}, r4, 0x3}}, 0x48)
# Generic netlink socket; r6 is used only by the final fallocate call.
r6 = socket$nl_generic(0x10, 0x3, 0x10)
# File-system setup: create ./file0, ./bus, ./file1 and ./file1/file0, then
# bind-mount '.' onto ./file1/file0.
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x1ff)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
# Overlay mount on ./bus with workdir=./bus, lowerdir=./file1/file0 and
# upperdir=./file1.
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000001180)='./bus\x00')
open$dir(&(0x7f0000000100)='./file0\x00', 0x15b800, 0x0)
# fallocate on the netlink socket r6.
fallocate(r6, 0xd, 0x4, 0xb)
# End of program. What follows is kernel console output from the run, left
# verbatim.
[ 105.452432][ T4673] Bluetooth: hci0: command tx timeout [ 105.526711][ T5333] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 105.687261][ T5333] infiniband syz1: set active [ 105.689972][ T5333] infiniband syz1: added syz_tun [ 105.738889][ T5333] RDS/IB: syz1: added [ 105.741360][ T5333] smc: adding ib device syz1 with port count 1 [ 105.745069][ T5333] smc: ib device syz1 port 1 has no pnetid [ 106.021092][ T9] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 106.174717][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 106.179507][ T9] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 106.184035][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.191706][ T9] usb 5-1: config 0 descriptor?? 
[ 106.208791][ T9] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 106.409263][ T5333] smc: removing ib device syz1 [ 106.695621][ T5333] ------------[ cut here ]------------ [ 106.698671][ T5333] GID entry ref leak for dev syz1 index 2 ref=1 [ 106.702185][ T5333] WARNING: drivers/infiniband/core/cache.c:808 at gid_table_release_one+0x1fa/0x440, CPU#0: syz.0.0/5333 [ 106.707107][ T5333] Modules linked in: [ 106.709098][ T5333] CPU: 0 UID: 0 PID: 5333 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 106.713859][ T5333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 106.718918][ T5333] RIP: 0010:gid_table_release_one+0x2aa/0x440 [ 106.721908][ T5333] Code: 00 48 89 ef be 04 00 00 00 e8 42 06 91 f9 48 89 e8 48 c1 e8 03 42 0f b6 04 28 84 c0 75 54 8b 4d 00 48 89 df 4c 89 fe 44 89 e2 <67> 48 0f b9 3a 4d 89 ef 4c 8b 6c 24 68 48 8b 44 24 70 42 0f b6 04 [ 106.731579][ T5333] RSP: 0018:ffffc9000d9fefd0 EFLAGS: 00010246 [ 106.735102][ T5333] RAX: 0000000000000000 RBX: ffffffff901ffc30 RCX: 0000000000000001 [ 106.740112][ T5333] RDX: 0000000000000002 RSI: ffff88801f7fd020 RDI: ffffffff901ffc30 [ 106.743823][ T5333] RBP: ffff8880330dcd00 R08: ffff8880330dcd03 R09: 1ffff1100661b9a0 [ 106.747544][ T5333] R10: dffffc0000000000 R11: ffffed100661b9a1 R12: 0000000000000002 [ 106.752161][ T5333] R13: dffffc0000000000 R14: ffff888040459cd8 R15: ffff88801f7fd020 [ 106.755747][ T5333] FS: 00007f07071f66c0(0000) GS:ffff88808ca4e000(0000) knlGS:0000000000000000 [ 106.760287][ T5333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.763792][ T5333] CR2: 00007f4284cf50f5 CR3: 0000000013110000 CR4: 0000000000352ef0 [ 106.767898][ T5333] Call Trace: [ 106.769819][ T5333] [ 106.771573][ T5333] ib_device_release+0xd2/0x1c0 [ 106.773802][ T5333] ? 
__pfx_ib_device_release+0x10/0x10 [ 106.776154][ T5333] device_release+0xc4/0x1f0 [ 106.778233][ T5333] kobject_put+0x228/0x560 [ 106.780295][ T5333] nldev_dellink+0x288/0x320 [ 106.782531][ T5333] ? __lock_acquire+0x6b5/0x2cf0 [ 106.784795][ T5333] ? __pfx_nldev_dellink+0x10/0x10 [ 106.787100][ T5333] ? apparmor_capable+0x126/0x170 [ 106.789457][ T5333] ? bpf_lsm_capable+0x9/0x20 [ 106.791647][ T5333] ? security_capable+0x7e/0x2c0 [ 106.793840][ T5333] ? __pfx_nldev_dellink+0x10/0x10 [ 106.796066][ T5333] rdma_nl_rcv+0x6d7/0xa10 [ 106.797992][ T5333] ? __pfx_rdma_nl_rcv+0x10/0x10 [ 106.800622][ T5333] ? __netlink_lookup+0x7e4/0x8b0 [ 106.803053][ T5333] ? netlink_deliver_tap+0x2e/0x1b0 [ 106.805383][ T5333] netlink_unicast+0x80f/0x9b0 [ 106.807726][ T5333] ? __pfx_netlink_unicast+0x10/0x10 [ 106.810973][ T5333] ? netlink_sendmsg+0x650/0xb40 [ 106.813262][ T5333] ? skb_put+0x11b/0x210 [ 106.815146][ T5333] netlink_sendmsg+0x813/0xb40 [ 106.817476][ T5333] ? __pfx_netlink_sendmsg+0x10/0x10 [ 106.820687][ T5333] ? aa_sock_msg_perm+0xf1/0x1b0 [ 106.823975][ T5333] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 106.826388][ T5333] ____sys_sendmsg+0x972/0x9f0 [ 106.828560][ T5333] ? futex_unqueue+0x211/0x240 [ 106.830700][ T5333] ? __pfx_____sys_sendmsg+0x10/0x10 [ 106.833733][ T5333] ? import_iovec+0x73/0xa0 [ 106.836122][ T5333] ___sys_sendmsg+0x2a5/0x360 [ 106.838436][ T5333] ? __pfx____sys_sendmsg+0x10/0x10 [ 106.841678][ T5333] ? futex_wait+0x29a/0x380 [ 106.843712][ T5333] ? __fget_files+0x2a/0x420 [ 106.845793][ T5333] ? __fget_files+0x3a0/0x420 [ 106.847898][ T5333] __x64_sys_sendmsg+0x1bd/0x2a0 [ 106.850168][ T5333] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 106.852597][ T5333] ? rcu_is_watching+0x15/0xb0 [ 106.854682][ T5333] do_syscall_64+0x14d/0xf80 [ 106.856648][ T5333] ? trace_irq_disable+0x3b/0x150 [ 106.858889][ T5333] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.862387][ T5333] ? 
clear_bhb_loop+0x40/0x90 [ 106.864492][ T5333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.867061][ T5333] RIP: 0033:0x7f070639c819 [ 106.869610][ T5333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 106.878474][ T5333] RSP: 002b:00007f07071f5fe8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 106.882442][ T5333] RAX: ffffffffffffffda RBX: 00007f0706615fa0 RCX: 00007f070639c819 [ 106.886441][ T5333] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000009 [ 106.890200][ T5333] RBP: 00007f0706432c91 R08: 0000000000000000 R09: 0000000000000000 [ 106.893754][ T5333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 106.897642][ T5333] R13: 00007f0706616038 R14: 00007f0706615fa0 R15: 00007ffedd054028 [ 106.902402][ T5333] [ 106.903924][ T5333] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 106.907071][ T5333] CPU: 0 UID: 0 PID: 5333 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 106.911032][ T5333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 106.915454][ T5333] Call Trace: [ 106.917100][ T5333] [ 106.918816][ T5333] vpanic+0x56c/0xa60 [ 106.920688][ T5333] ? __pfx__printk+0x10/0x10 [ 106.922800][ T5333] ? __pfx_vpanic+0x10/0x10 [ 106.924846][ T5333] ? is_bpf_text_address+0x292/0x2b0 [ 106.927315][ T5333] ? is_bpf_text_address+0x26/0x2b0 [ 106.929668][ T5333] panic+0xc5/0xd0 [ 106.931324][ T5333] ? __pfx_panic+0x10/0x10 [ 106.933346][ T5333] __warn+0x315/0x4f0 [ 106.935360][ T5333] ? gid_table_release_one+0x1fa/0x440 [ 106.938002][ T5333] ? gid_table_release_one+0x1fa/0x440 [ 106.940537][ T5333] __report_bug+0x29a/0x540 [ 106.942695][ T5333] ? kasan_save_track+0x3e/0x80 [ 106.944948][ T5333] ? kasan_save_free_info+0x46/0x50 [ 106.947364][ T5333] ? __kasan_slab_free+0x5c/0x80 [ 106.949725][ T5333] ? 
gid_table_release_one+0x1fa/0x440 [ 106.952256][ T5333] ? __pfx___report_bug+0x10/0x10 [ 106.955489][ T5333] ? do_syscall_64+0x14d/0xf80 [ 106.958273][ T5333] report_bug_entry+0x19a/0x290 [ 106.961005][ T5333] ? gid_table_release_one+0x2aa/0x440 [ 106.963716][ T5333] ? gid_table_release_one+0x2af/0x440 [ 106.966248][ T5333] handle_bug+0xce/0x200 [ 106.968208][ T5333] exc_invalid_op+0x1a/0x50 [ 106.970588][ T5333] asm_exc_invalid_op+0x1a/0x20 [ 106.973187][ T5333] RIP: 0010:gid_table_release_one+0x2aa/0x440 [ 106.976312][ T5333] Code: 00 48 89 ef be 04 00 00 00 e8 42 06 91 f9 48 89 e8 48 c1 e8 03 42 0f b6 04 28 84 c0 75 54 8b 4d 00 48 89 df 4c 89 fe 44 89 e2 <67> 48 0f b9 3a 4d 89 ef 4c 8b 6c 24 68 48 8b 44 24 70 42 0f b6 04 [ 106.985291][ T5333] RSP: 0018:ffffc9000d9fefd0 EFLAGS: 00010246 [ 106.988687][ T5333] RAX: 0000000000000000 RBX: ffffffff901ffc30 RCX: 0000000000000001 [ 106.992434][ T5333] RDX: 0000000000000002 RSI: ffff88801f7fd020 RDI: ffffffff901ffc30 [ 106.995945][ T5333] RBP: ffff8880330dcd00 R08: ffff8880330dcd03 R09: 1ffff1100661b9a0 [ 107.000207][ T5333] R10: dffffc0000000000 R11: ffffed100661b9a1 R12: 0000000000000002 [ 107.004219][ T5333] R13: dffffc0000000000 R14: ffff888040459cd8 R15: ffff88801f7fd020 [ 107.007691][ T5333] ib_device_release+0xd2/0x1c0 [ 107.010083][ T5333] ? __pfx_ib_device_release+0x10/0x10 [ 107.012777][ T5333] device_release+0xc4/0x1f0 [ 107.015266][ T5333] kobject_put+0x228/0x560 [ 107.017736][ T5333] nldev_dellink+0x288/0x320 [ 107.020033][ T5333] ? __lock_acquire+0x6b5/0x2cf0 [ 107.022302][ T5333] ? __pfx_nldev_dellink+0x10/0x10 [ 107.024687][ T5333] ? apparmor_capable+0x126/0x170 [ 107.026967][ T5333] ? bpf_lsm_capable+0x9/0x20 [ 107.029571][ T5333] ? security_capable+0x7e/0x2c0 [ 107.032025][ T5333] ? __pfx_nldev_dellink+0x10/0x10 [ 107.034157][ T5333] rdma_nl_rcv+0x6d7/0xa10 [ 107.036062][ T5333] ? __pfx_rdma_nl_rcv+0x10/0x10 [ 107.037935][ T5333] ? __netlink_lookup+0x7e4/0x8b0 [ 107.040378][ T5333] ? 
netlink_deliver_tap+0x2e/0x1b0 [ 107.043338][ T5333] netlink_unicast+0x80f/0x9b0 [ 107.045798][ T5333] ? __pfx_netlink_unicast+0x10/0x10 [ 107.048148][ T5333] ? netlink_sendmsg+0x650/0xb40 [ 107.050483][ T5333] ? skb_put+0x11b/0x210 [ 107.052390][ T5333] netlink_sendmsg+0x813/0xb40 [ 107.054672][ T5333] ? __pfx_netlink_sendmsg+0x10/0x10 [ 107.057191][ T5333] ? aa_sock_msg_perm+0xf1/0x1b0 [ 107.059583][ T5333] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 107.062099][ T5333] ____sys_sendmsg+0x972/0x9f0 [ 107.064220][ T5333] ? futex_unqueue+0x211/0x240 [ 107.066355][ T5333] ? __pfx_____sys_sendmsg+0x10/0x10 [ 107.068631][ T5333] ? import_iovec+0x73/0xa0 [ 107.070971][ T5333] ___sys_sendmsg+0x2a5/0x360 [ 107.073449][ T5333] ? __pfx____sys_sendmsg+0x10/0x10 [ 107.076022][ T5333] ? futex_wait+0x29a/0x380 [ 107.078247][ T5333] ? __fget_files+0x2a/0x420 [ 107.080407][ T5333] ? __fget_files+0x3a0/0x420 [ 107.082586][ T5333] __x64_sys_sendmsg+0x1bd/0x2a0 [ 107.084723][ T5333] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 107.087132][ T5333] ? rcu_is_watching+0x15/0xb0 [ 107.089219][ T5333] do_syscall_64+0x14d/0xf80 [ 107.091226][ T5333] ? trace_irq_disable+0x3b/0x150 [ 107.093478][ T5333] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.096295][ T5333] ? 
clear_bhb_loop+0x40/0x90 [ 107.098468][ T5333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.101742][ T5333] RIP: 0033:0x7f070639c819 [ 107.104284][ T5333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 107.112530][ T5333] RSP: 002b:00007f07071f5fe8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 107.116390][ T5333] RAX: ffffffffffffffda RBX: 00007f0706615fa0 RCX: 00007f070639c819 [ 107.120445][ T5333] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000009 [ 107.123766][ T5333] RBP: 00007f0706432c91 R08: 0000000000000000 R09: 0000000000000000 [ 107.127503][ T5333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 107.131630][ T5333] R13: 00007f0706616038 R14: 00007f0706615fa0 R15: 00007ffedd054028 [ 107.135903][ T5333] [ 107.137727][ T5333] Kernel Offset: disabled [ 107.139700][ T5333] Rebooting in 86400 seconds..